On 29/12/08 09:47, Kyle Hamilton wrote:
Uhm...
how did you arrive at the "tens of thousands of other Comodo
customers" figure? I don't believe that Comodo has disclosed the
number of unique domain names served by certificates that it has
issued.
http://www.securityspace.com/s_survey/sdata/200611/certca.html
Security Space figures are now sold not openly published, that is 2
years old. To save the click, December 2006, Security Space reports
that Comodo had 13,715 certs in live.
1. I'll leave to others to address the various fudge factors.
2. If anyone has any view on a new, current report, they could help
reduce the FUD by letting us know that CA's current numbers.
And since the number one reason for having a CA in the root list is
for Mozilla-software user security, how do you arrive at "punish [...]
millions of users"?
In my earlier post, I took the certs and multiplied by 100. It's a
finger in the air, a hand waving. I have no idea, but it is probably
more than 10. If it was 10, the server would likely go for a SSC. :)
2) You have some way of knowing what CAs are in use by the servers
that users of the Mozilla applications use (which concept rather
scares me, since it hasn't been disclosed as part of the software
operations), OR
As above.
3) You're pulling numbers out of thin air.
Yes, start with what we know. 13,715 two years back. Then add some
estimates of what we don't know. Call it 20k now. Multiply by 100
users to get 2m.
The number at the end is flaky, but it is better than no number. Refine
as more info comes to hand.
iang
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
